Run an Account Discovery job
You can run an Account Discovery job for discovering and onboarding (optional) local accounts belonging to a specific category such as Database, Directory Server or Operating system. You can schedule a job periodically or otherwise as per your requirements in the Schedule Type section. It is better to schedule the scan during off-hours, when more bandwidth is free and disruption is less likely.
However, your account should be a 'Management account' to be able to perform this job successfully. A management account is basically an administrator-level account defined under 'Account Defaults, whose account role has been set to 'management'.
Procedure:
- Login to the system and select PAM from the product navigator.
- Go to Manage → Discovery → Account→ Add Account Discovery.
- Enter a Job Title.
- Select Asset Category from: Database/ Directory Server/ Operating system.
- Select Asset Type from the dropdown menu.
- Set Schedule type to:
a. Once: when you want the job to run only once at your specified date & time
b. Recuring: when you want the job to start running periodically - Specify whether you want to onboard accounts.
- Click on Save+Run Now to start account discovery.
If you schedule a periodic scan, note that a future job will not start until the preceding scan job is completed. If the preceding job is not completed by the time the next job is scheduled to start, an error message appears in the scan log.